Good morning. If you thought the Crowdstrike debacle—which knocked out a good portion of the world’s computers—was bad, wait for Q-day. That’s the term techies use to describe the day when quantum computing will break all modern encryption systems, and while it won’t arrive for years or even decades, CFOs should be mentally prepared.
Governments, businesses, and academics have been preparing for this for a long time, developing quantum-resistant cybersecurity offerings, but there’s no silver bullet.
And, as we saw with Crowdstrike’s botched update that led to billions in losses for companies worldwide, it’s not just cybersecurity hacks that can cause problems, but also updates and transitions to new cybersecurity systems.
That means migrating to new quantum-resistant cybersecurity systems is in itself a serious business risk. But don’t take it from me, take it from one of the world’s top quantum computing researchers, Michele Mosca, a professor in the Department of Combinatorics & Optimization at the University of Waterloo, and the cofounder of the Institute for Quantum Computing.
Mosca—who developed Mosca’s theorem, which describes when the world needs to become quantum-resistant—told me that the risk of Q-day coming within the next five years is just 5%, but jumps to 30% over the next 10 years. And the professor had a message for executives who might brush off the cybersecurity threat from quantum computers, or resist transitioning to quantum-resistant security systems due to costs.
“It’s a material risk,” he said. “You can’t say, ‘Hey, it’s probably not going to happen in 10 years, it’s only a 30% chance.’ Please report that to your board, your auditor, your regulator, your customers: ‘There’s only a little over a one-in-four chance that our solutions will systematically fail indefinitely, because we didn’t prepare.’ That’s not something you’re going to want to say.”
“For some reason we’ve gotten away with pretending that this risk isn’t there. But those days are quickly coming to an end,” he added.
For CFOs, a good way to think of it is to realize you all have technical debt—a catchall term used to describe the implied cost of the required reworking of technological systems—on your books, and some of you are ignoring it. According to Mosca, the migration process from old cybersecurity systems to new quantum-resistant ones will take years, the right talent, and billions of dollars—and that future spending is a form of debt that is growing.
“It’s fine to have debt as long as you know you have it, and you realize you’re paying interest, and you know you’re gonna have to somehow pay it back,” Mosca said. “It’s not fine to pretend it’s not there.”
CFOs will play an important role in recognizing the potential costs associated with the transition to quantum-resistant cybersecurity, he argued. That also makes CFOs key allies in addressing those potential issues now before they get out of hand.
“CFOs…have important work to do to help make market forces work for us instead of against us,” he said.
Like any revolutionary technology, quantum computing holds a world of possibilities and risks. With that in mind, Mosca had a message for the world’s business leaders, which I will quote at length:
“For quantum to be a positive milestone in human history or not, it’s your choice,” he said. “I’m working hard, fighting hard, along with many others to make sure we collectively take the ‘yes’ path, we are going to make it a positive event in human history. But there’s still a lot of real leadership that needs to be shown across the business world and political world. I know we’re very skeptical and cynical at times, but we do see, from time to time, these leaders step up and really change the world into a more positive direction.”
Will Daniel
[email protected]
The following sections of CFO Daily were curated by Greg McKenna.
This story was originally featured on Fortune.com
Source Agencies